Securing the web application

Now that the authentication provider is set, we have to modify the deployment descriptors of the application to set the security properties and create a login page to let users authenticate themselves.

Modifying the web.xml descriptor file

We first need to set the security constraints by editing web.xml:

Open the WEB-INF/web.xml file of the Store web application.

Paste the following lines right after the servlet-mapping tag:

 <security-constraint> <web-resource-collection> <web-resource-name>protected</web-resource-name> <url-pattern>/reservation.jsf</url-pattern> </web-resource-collection> <auth-constraint> <role-name>User</role-name> </auth-constraint> </security-constraint> <login-config> <auth-method>FORM</auth-method> ...

Get Getting Started with Oracle WebLogic Server 12c: Developer's Guide now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Getting Started with Oracle WebLogic Server 12c: Developer's Guide by Fabio Mazanatti Nunes, William Markito Oliveira

Securing the web application

Modifying the web.xml descriptor file

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly